Just how effective is antivirus software?

IT security experts increasingly ask the same question

Mark Huffman has been a consumer news reporter for ConsumerAffairs since 2004. He covers real estate, gas prices and the economy and has reported extensively on negative-option sales. He was previously an Associated Press reporter and editor in Washington, D.C., a correspondent for Westwoood One Radio Networks and Marketwatch.
Read Full Bio→

For years, any article about how to protect yourself from computer viruses and malware was usually tagged with “and keep your antivirus software up to date.”

That advice, however, appears to be in the review process as several tech sources have started to question the software's effectiveness.

The latest concern comes from the Department of Homeland Security's Computer Emergency Readiness Team (CERT), which singled out the popular antivirus software packages from Symantec, most commonly marketed under the Norton brand.

“Symantec antivirus products use common unpackers to extract malware binaries when scanning a system,” the agency noted. “A heap overflow vulnerability in the ASPack unpacker could allow an unauthenticated remote attacker to gain root privileges on Linux or OSX platforms. The vulnerability can be triggered remotely using a malicious file (via email or link) with no user interaction.”

Multiple critical vulnerabilities

Last month, Google's Project Zero also sounded the alarm over Symantec products. It published details of what it called “multiple critical vulnerabilities” in the company's endpoint protection products that include ways for a hacker to remotely execute code changes.

“These vulnerabilities are as bad as it gets,” the Google researchers warned. “They don’t require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible. In certain cases on Windows, vulnerable code is even loaded into the kernel, resulting in remote kernel memory corruption.”

In statements to various media, Symantec has said that it addressed the issues raised by Project Zero in subsequent updates.

Other warnings

But it turns out that questions about the effectiveness of antivirus software aren't exactly news. Last year, a technology blog for government IT specialists warned that “simply installing antivirus technology does not protect today’s endpoints.”

It cited a Lastline Labs study the previous year on the effectiveness of antivirus scanners, noting that much of the newly introduced malware slipped by nearly half of the antivirus vendors.

The study said that two months in, one third of the antivirus scanners still failed to find many of the malware samples. In fact, the malware that experts conceded is the least likely to be detected proved the points, with a majority of the antivirus scanners failing to find it. Some eventually found it, but it took a while.

Waste of money?

So at $30 to $50 a year, is antivirus-software a waste of money? Wired posed that question as early as 2012, when it discovered that many of the world's top IT security experts personally do not use an antivirus product.

At the time, Wired concluded the software is probably not a waste of money, especially for businesses that employ multiple users who might do stupid things.

But the report noted that malware creators test their products against the latest antivirus-software, so the most effective defense for most consumers is to be cautious about the websites they visit and to not open questionable attachments.

Terms of Use Your use of this site constitutes acceptance of the Terms of Use.

Advertisements on this site are placed and controlled by outside advertising networks. ConsumerAffairs.com does not evaluate or endorse the products and services advertised. See the FAQ for more information.

Partner with ConsumerAffairs for Brands If your company has a page on our site, we invite you to sign up for a Starter Account today to respond to your customers directly. Alternatively, you may call us at 1-866-773-0221.

The information on this Web site is general in nature and is not intended as a substitute for competent legal advice. ConsumerAffairs.com makes no representation as to the accuracy of the information herein provided and assumes no liability for any damages or loss arising from the use thereof.